Better to return 401 when failing to authenticate

This commit is contained in:
Pavel Savchenko 2012-11-28 17:04:36 +02:00
parent 11ef60b127
commit 7eec582d40

View File

@ -18,7 +18,7 @@ class ObtainAuthToken(APIView):
if serializer.is_valid(): if serializer.is_valid():
token, created = Token.objects.get_or_create(user=serializer.object['user']) token, created = Token.objects.get_or_create(user=serializer.object['user'])
return Response({'token': token.key}) return Response({'token': token.key})
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_401_UNAUTHORIZED)
obtain_auth_token = ObtainAuthToken.as_view() obtain_auth_token = ObtainAuthToken.as_view()